Improving Cyber security Situational Awareness and Cyber-Attack Detection Based on Analytic Data Mining Techniques

2021 ◽  
Author(s):  
Kjonath Kwizera ◽  
Liu Zhaohui
Keyword(s):  
Data Mining ◽  
Cyber Security ◽  
Situational Awareness ◽  
Attack Detection ◽  
Cyber Attack ◽  
Data Mining Techniques

scholarly journals Review on EM-CURE Algorithm for Detection DDOS Attack

2018 ◽  
Vol 7 (01) ◽  
pp. 23386-23489
Author(s):  
Miss Priyanka P. Narode ◽  
Prof I.R. Shaikh
Keyword(s):  
Data Mining ◽  
Network Flow ◽  
Denial Of Service ◽  
Attack Detection ◽  
Cyber Attack ◽  
Data Mining Technique ◽  
Network Resource ◽  
Data Mining Techniques ◽  
Ddos Attack ◽  
Efficient Detection

Distributed Denial of Service attack (DoS attack) is a cyber attack where the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the internet. Denial of service is typically accomplished by flooding the targeted machine or resource with superfluous requests in an attempt to overload systems and prevent some or all legitimate requests from being fulfilled. It is necessary to analyze the fundamental features of DDoS attacks because these attacks can easily vary the used port/protocol, or operation method because they are designed to restricted applications on limited environments.DDoS attack detection very difficult because the non-existence of predefined rules to correctly identify the genuine network flow. A combination of unsupervised data mining techniques as IDS are introduced. The Entropy Method concept in term of windowing the incoming packets is applied with data mining technique using Clustering Using Representative (CURE) as cluster analysis to detect the DDoS attack in network flow. The data is mainly collected from datasets. The CURE DDoS attack detection technique based on entropy gives a promising way to analyze this attack and construct an efficient detection model using a clustering data mining techniques. This approach has been evaluated and compared with several existing approaches in terms of accuracy, false alarm rate, detection rate, F. measure and Phi coefficient.

Cyber Security Aspects of Virtualization in Cloud Computing Environments

2021 ◽  
pp. 1658-1671
Author(s):  
Darshan Mansukhbhai Tank ◽  
Akshai Aggarwal ◽  
Nirbhay Kumar Chaubey
Keyword(s):  
Cloud Computing ◽  
Cyber Security ◽  
Attack Detection ◽  
Cyber Attacks ◽  
Point Of View ◽  
Cyber Attack ◽  
Computing Environment ◽  
Cloud Computing Environment ◽  
Detection Approach ◽  
Detection Response

Cybercrime continues to emerge, with new threats surfacing every year. Every business, regardless of its size, is a potential target of cyber-attack. Cybersecurity in today's connected world is a key component of any establishment. Amidst known security threats in a virtualization environment, side-channel attacks (SCA) target most impressionable data and computations. SCA is flattering major security interests that need to be inspected from a new point of view. As a part of cybersecurity aspects, secured implementation of virtualization infrastructure is very much essential to ensure the overall security of the cloud computing environment. We require the most effective tools for threat detection, response, and reporting to safeguard business and customers from cyber-attacks. The objective of this chapter is to explore virtualization aspects of cybersecurity threats and solutions in the cloud computing environment. The authors also discuss the design of their novel ‘Flush+Flush' cache attack detection approach in a virtualized environment.

Cyber Security Aspects of Virtualization in Cloud Computing Environments

2020 ◽  
pp. 283-299 ◽  
Author(s):  
Darshan Mansukhbhai Tank ◽  
Akshai Aggarwal ◽  
Nirbhay Kumar Chaubey
Keyword(s):  
Cloud Computing ◽  
Cyber Security ◽  
Attack Detection ◽  
Cyber Attacks ◽  
Point Of View ◽  
Cyber Attack ◽  
Computing Environment ◽  
Cloud Computing Environment ◽  
Detection Approach ◽  
Detection Response

Cybercrime continues to emerge, with new threats surfacing every year. Every business, regardless of its size, is a potential target of cyber-attack. Cybersecurity in today's connected world is a key component of any establishment. Amidst known security threats in a virtualization environment, side-channel attacks (SCA) target most impressionable data and computations. SCA is flattering major security interests that need to be inspected from a new point of view. As a part of cybersecurity aspects, secured implementation of virtualization infrastructure is very much essential to ensure the overall security of the cloud computing environment. We require the most effective tools for threat detection, response, and reporting to safeguard business and customers from cyber-attacks. The objective of this chapter is to explore virtualization aspects of cybersecurity threats and solutions in the cloud computing environment. The authors also discuss the design of their novel ‘Flush+Flush' cache attack detection approach in a virtualized environment.

Threat Detection in Cyber Security Using Data Mining and Machine Learning Techniques

2020 ◽  
pp. 234-253
Author(s):  
Daniel Kobla Gasu
Keyword(s):  
Machine Learning ◽  
Data Mining ◽  
Intrusion Detection ◽  
Cyber Security ◽  
Attack Detection ◽  
Machine Learning Techniques ◽  
The Internet ◽  
Threat Detection ◽  
Use Of The Internet ◽  
Using Data

The internet has become an indispensable resource for exchanging information among users, devices, and organizations. However, the use of the internet also exposes these entities to myriad cyber-attacks that may result in devastating outcomes if appropriate measures are not implemented to mitigate the risks. Currently, intrusion detection and threat detection schemes still face a number of challenges including low detection rates, high rates of false alarms, adversarial resilience, and big data issues. This chapter describes a focused literature survey of machine learning (ML) and data mining (DM) methods for cyber analytics in support of intrusion detection and cyber-attack detection. Key literature on ML and DM methods for intrusion detection is described. ML and DM methods and approaches such as support vector machine, random forest, and artificial neural networks, among others, with their variations, are surveyed, compared, and contrasted. Selected papers were indexed, read, and summarized in a tabular format.

scholarly journals Machine Learning-Based Detection for Cyber Security Attacks on Connected and Autonomous Vehicles

Mathematics ◽  
2020 ◽  
Vol 8 (8) ◽  
pp. 1311
Author(s):  
Qiyi He ◽  
Xiaolin Meng ◽  
Rong Qu ◽  
Ruijie Xi
Keyword(s):  
Machine Learning ◽  
Decision Tree ◽  
Cyber Security ◽  
Unified Modeling Language ◽  
Attack Detection ◽  
Machine Learning Algorithms ◽  
Training Data ◽  
Cyber Attack ◽  
Tree Model ◽  
Data Set

Connected and Autonomous Vehicle (CAV)-related initiatives have become some of the fastest expanding in recent years, and have started to affect the daily lives of people. More and more companies and research organizations have announced their initiatives, and some have started CAV road trials. Governments around the world have also introduced policies to support and accelerate the deployments of CAVs. Along these, issues such as CAV cyber security have become predominant, forming an essential part of the complications of CAV deployment. There is, however, no universally agreed upon or recognized framework for CAV cyber security. In this paper, following the UK CAV cyber security principles, we propose a UML (Unified Modeling Language)-based CAV cyber security framework, and based on which we classify the potential vulnerabilities of CAV systems. With this framework, a new CAV communication cyber-attack data set (named CAV-KDD) is generated based on the widely tested benchmark data set KDD99. This data set focuses on the communication-based CAV cyber-attacks. Two classification models are developed, using two machine learning algorithms, namely Decision Tree and Naive Bayes, based on the CAV-KDD training data set. The accuracy, precision and runtime of these two models when identifying each type of communication-based attacks are compared and analysed. It is found that the Decision Tree model requires a shorter runtime, and is more appropriate for CAV communication attack detection.

scholarly journals Enhancing Navigator Competence by Demonstrating Maritime Cyber Security

2018 ◽  
Vol 71 (5) ◽  
pp. 1025-1039 ◽  
Author(s):  
Odd Sveinung Hareide ◽  
Øyvind Jøsok ◽  
Mass Soldal Lund ◽  
Runar Ostnes ◽  
Kirsi Helkala
Keyword(s):  
Work Environment ◽  
Information And Communication Technology ◽  
Communication Technology ◽  
Cyber Security ◽  
Situational Awareness ◽  
Cyber Attacks ◽  
The Internet ◽  
Cyber Attack ◽  
Cyber Threats ◽  
Information And Communication

As technology continues to develop, information and communication technology and operational technology on board ships are increasingly being networked, and more frequently connected to the Internet. The introduction of cyber systems changes the work environment with the aim of decreasing the workload for the navigator, but at the same time introduces more complexity and vulnerabilities that in turn may alter the competencies needed to perform safe and efficient navigation. Contemporary examples of how cyber-attacks can distort situational awareness and interfere with operations are needed to enhance the navigator's competence through increased system awareness. This paper demonstrates some of the possible attack vectors that a cyber-attack can present to a ship, as well as discussing the plausibility and consequences of such attacks. In this study we provide a practical example to better understand how one can demystify cyber threats in order to enhance the navigators' competence.

Sign in / Sign up

Export Citation Format

Share Document